Check for Meltdown and Spectre vulnerability. KB4072699

This will check the Windows machine its run on to see if it has had the relevant Windows updates applied.

Source Code

This script has not been checked by Spiceworks. Please understand the risks before using it.

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

<#
.NAME
Meltdown / Spectre check
.SYNOPSIS
Checks the server it's run on for the relevant updates.
.Descripton
Microsoft released updates to mitigate the Meltdown and Spectre Intel vulnerabilities, this script checks for the relevant updates on the system to check if the Windows updates have been installed.
https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution
.Remarks
*** ALL sensitive data is held in plain text, so caution is advised where you deploy this script. ***
.Author: Carlos
.Date: 09/01/2018
#>
# User defined variables.
#list of all the hotfixes from https://technet.microsoft.com/en-us/library/security/ms17-010.aspx
$hotfixes = "KB4056897","KB4056898","KB4056890","KB4056892"
#checks the computer it's run on if any of the listed hotfixes are present
$hotfix = Get-HotFix -ComputerName $env:computername | Where-Object {$hotfixes -contains $_.HotfixID} | Select-Object -property "HotFixID"
#confirms whether hotfix is found or not
if (Get-HotFix | Where-Object {$hotfixes -contains $_.HotfixID})
{"Found HotFix: " + $hotfix.HotFixID}
else
{Write-Warning ”Didn't Find HotFix"}